关于安卓的外文翻译.docx

关于安卓的外文翻译.docx

《关于安卓的外文翻译.docx》由会员分享，可在线阅读，更多相关《关于安卓的外文翻译.docx（31页珍藏版）》请在冰豆网上搜索。

关于安卓的外文翻译

Understandandroidsecurity

Thenextgenerationofopenoperatingsystemswon’tbeondesktopsormainframesbutonthesmallmobiledeviceswecarryeveryday.Theopennessofthesenewenvironmentswillleadtonewapplicationsandmarketsandwillenablegreaterintegrationwithexistingonlineservices.

However,astheimportanceofthedataandservicesourcellphonessupportincreases,sotoodotheopportunitiesforvulnerability.It’sessentialthatthisnextgenerationofplatformsprovideacomprehensiveandusablesecurityinfrastructure.DevelopedbytheOpenHandsetAlliance（visiblyledbyGoogle）,Androidisawidelyanticipatedopensourceoperatingsystemformobiledevicesthatprovidesabaseoperatingsystem,anapplicationmiddlewarelayer,aJavasoftwaredevelopmentkit（SDK）,andacollectionofsystemapplications.AlthoughtheAndroidSDKhasbeenavailablesincelate2007,thefrstpubliclyavailableAndroid-ready“G1”phonedebutedinlateOctober2008.Sincethen,Android’sgrowthhasbeenphenomenal:

TMobile’sG1manufacturerHTCestimatesshipmentvolumesofmorethan1millionphonesbytheendof2008,andindustryinsidersexpectpublicadoptiontoincreasesteeplyin2009.Manyothercellphoneprovidershaveeitherpromisedorplantosupportitinthenearfuture.

AlargecommunityofdevelopershasorganizedaroundAndroid,andmanynewproductsandapplicationsarenowavailableforit.OneofAndroid’schiefsellingpointsisthatitletsdevelopersseamlesslyextendonlineservicestophones.Themostvisibleexampleofthisfeatureis—unsurprisingly—thetightintegrationofGoogle’sGmail,Calendar,andContactsWebapplicationswithsystemutilities.Androiduserssimplysupplyausernameandpassword,andtheirphonesautomaticallysynchronizewithGoogleservices.Othervendorsarerapidlyadaptingtheirexistinginstantmessaging,socialnetworks,andgamingservicestoAndroid,andmanyenterprisesarelookingforwaystointegratetheirowninternaloperations（suchasinventorymanagement,purchasing,receiving,andsoforth）intoitaswell.Traditionaldesktopandserveroperatingsystemshavestruggledtosecurelyintegratesuchpersonalandbusinessapplicationsandservicesonasingleplatform;althoughdoingsoonamobileplatformsuchasAndroidremainsnontrivial,manyresearchershopeitprovidesacleanslatedevoidofthecomplicationsthatlegacysoftwarecancause.Androiddoesn’tofciallysupportapplicationselopedforotherplatforms:

applicationsexecuteontopofaJavamiddlewarelayerrunningonanembeddedLinuxkernel,sodeveloperswishingtoporttheirapplicationtoAndroidmustuseitscustomuserinterfaceenvironment.Additionally,AndroidrestrictsapplicationinteractiontoitsspecialAPIsbyrunningeachapplicationasitsownuseridentity.Althoughthiscontrolledinteractionhasseveralbeneficialsecurityfeatures,ourexperiencesdevelopingAndroidapplicationshaverevealedthatdesigningsecureforward.Androidusesasimplepermissionlabelassignmentmodeltorestrictaccesstoresourcesandotherapplications,butforreasonsofnecessityandconvenience,itsdesignershaveaddedseveralpotentiallyconfusingrefinementsasthesystemhasevolved.ThisarticleattemptstounmaskthecomplexityofAndroidsecurityandnotesomepossibledevelopmentpitfallsthatoccurwhendefininganapplication’ssecurity.Weconcludebyattemptingtodrawsomelessonsandidentifyopportunitiesforfutureenhancementsthatshouldaidinclarityandcorrectness.AndroidApplicationsTheAndroidapplicationframeworkforcesastructureondevelopers.Itdoesnothaveamain（）functionorsingleentrypointforexecution—instead,developersmustdesignapplicationsintermsofcomponents.ExampleApplication.

WedevelopedapairofapplicationstohelpdescribehowAndroidapplicationsoperate.Interestedreaderscandownloadthesourcecodefromourwebsitepttp:

//siis.cse.psu.edu/android_sec_tutorial.html）.

Let’sconsideralocation-sensitivesocialnetworkingapplicationformobilephonesinwhichuserscandiscovertheirfriends’locations.Wesplitthefunctionalityintotwoapplications:

onefortrackingfriendsandoneforviewingthem.AsFigure1shows,theFriendTrackerapplicationconsistsofcomponentsspecifctotrackingfriendlocations（forexample,viaaWebservice）,storinggeographiccoordinates,andsharingthosecoordinateswithotherapplications.TheuserthenusestheFriendViewerapplicationtoretrievethestoredgeographiccoordinatesandviewfriendsonamap.Bothapplicationscontainmultiplecomponentsforperformingtheirrespectivetasks;thecomponentsthemselvesareclassifedbytheircomponenttypes.AnAndroiddeveloperchoosesfrompredefnedcomponenttypesdependingonthecomponent’spurpose（suchasinterfacingwithauserorstoringdata）.ComponentTypesAndroiddefnesfourcomponenttypes:

Activity•componentsdefneanapplication’suserinterface.Typically,anapplicationdeveloperdefnesoneactivityper“screen.”Activitiesstarteachother,possiblypassingandreturningvalues.Onlyoneactivityonthesystemhaskeyboardandocessingfocusatatime;allothersaresuspended.Servicecomponentsperformbackgroundprocessing.Whenanactivityneedstoperformsomeoperationthatmustcontinueaftertheuserinterfacedisappears（suchasdownloadafleorplaymusic）,itcommonlystartsaservicespecifcallydesignedforthataction.Thedevelopercanalsouseservicesasapplication-specifcdaemons,possiblystartingonboot.ServicesoftendefineaninterfaceforRemoteProcedureCall（RPC）thatothersystemcomponentscanusetosendcommandsandretrievedata,aswellasregistercallbacks.Contentprovidercomponentsstoreandsharedatausingarelationaldatabaseinterface.Eachcontentproviderhasanassociated“authority”describingthecontentitcontains.OthercomponentsusetheauthoritynameasahandletoperformSQLqueries（suchasSELECT,INSERT,orDELETE）toreadandwritecontent.Althoughcontentproviderstypicallystorevaluesindatabaserecords,dataretrievalisimplementation-specifc—forexample,flesarealsosharedthroughcontentproviderinterfaces.Broadcastreceivercomponentsactasmailboxesformessagesfromotherapplications.Commonly,applicationcodebroadcastsmessagestoanimplicitdestination.Broadcastreceiversthussub-scribetosuchdestinationstoreceivethemessagessenttoit.Applicationcodecanalsoaddressabroadcastreceiverexplicitlybyincludingthenamespaceassignedtoitscontainingapplication.

Figure1showstheFriendTrack-erandFriendViewerapplicationscontainingthediferentcomponenttypes.Thedeveloperspecifescomponentsusingamanifestfle（alsousedtodefnepolicyasdescribedlater）.Therearenorestrictionsonthenumberofcomponentsanapplicationdefnesforeachtype,butasaconvention,onecomponenthasthesamenameastheapplication.Frequently,thisisanactivity,asintheFriendViewerapplication.Thisactivityusuallyindicatestheprimaryactivitythatthesystemapplicationlauncherusestostarttheuserinterface;however,thespecifcactivitycho-senonlaunchismarkedbymetainformationinthemanifest.IntheFriendTrackerapplication,forexample,theFriendTrackerControlactivityismarkedasthemainuserinterfaceentrypoint.

Inthiscase,wereservedthename“FriendTracker”fortheservicecomponentperformingthecoreapplicationlogic.TheFriendTrackerapplicationcontainseachofthefourcomponenttypes.TheFriendTrackerservicepollsanexternalservicetodiscoverfriends’locations.Inourexamplecode,wegeneratelocaFriendTrackerapplicationBootReceiverBroadcastreceiverActivityFriendTrackerFriendProviderContentproviderServiceFriendTrackercontrolFriendViewerapplicationFriendReceiverBroadcastreceiverActivityFriendTrackerActivityFriendViewerFigure1.ExampleAndroidapplication.TheFriendTrackerandFriendViewerapplicationsconsistofmultiplecomponentsofdifferenttypes,eachofwhichprovidesadifferentsetoffunctionalities.Activitiesprovideauserinterface,servicesexecutebackgroundprocessing,contentprovidersaredatastoragefacilities,andbroadcastreceiversactasmailboxesformessagesfromotherapplications.tionsrandomly,butextendingthecomponenttointerfacewithaWebserviceisstraightforward.TheFriendProvidercontentprovidermaintainsthemostrecentgeographiccoordinatesforfriends,theFriendTrackerControlactivitydefnesauserinterfaceforstartingandstoppingthetrackingfunctionality,andtheBootReceiverbroadcastreceiverobtainsanotifcationfromthesystemonceitboots（theapplicationusesthistoutomaticallystarttheFriendTrackerservice）.TheFriendViewerapplicationbisprimarilyconcernedwithshowinginformationaboutfriends’locations.TheFriendVieweractivitylistsallfriendsandtheirgeographiccoordinates,andtheFriendMapactivitydisplaysthemonamap.TheFriendReceiverbroadcastreceiverwaitsformessagesthatindicatethephysicalphoneisnearaparticularfriendanddisplaysamessagetotheuseruponsuchanevent.AlthoughwecouldhaveplacedthesecomponentswithintheFriendTrackerapplication,wecreatedaseparateapplicationtodemonstratecross-applicationcommunication.dditionally,byseparatingthetrackinganduserinterfacelogic,wecancreatealternativeuserinterfaceswithdifferentdisplaysandfeatures—thatis,manyapplicationscanreusethelogicperformedinFriendTracker.ComponentInteractionTheprimarymechanismforcomponentinteractionisanintent,whichissimplyamessageobjectcontainingadestinationcomponentaddressanddata.

TheAndroidAPIdefnesmethodsthatacceptintents,andusesthatinformationtostartactivitie